Sign up for our free newsletter

In recent months, a combined 41 million customer credit and debit cards were compromised due to a string of cyber-attacks on two high-profile corporate chain stores, according to USA TODAY. As a small business owner, your footprint may be smaller than a mass market retailer, but you’re subjecting yourself to a huge risk if you’re not making data protection a top priority.

Although it may seem like a time-consuming task, setting up proactive security measures to help prevent network intrusion is well worth the effort. The National Small Business Association reported that a single cyber-attack costs a small business an average of $8,669.48, further proving that data hacking is prevalent amongst businesses of any size.

A data breach on a small business does not only take a major toll financially, but also may ultimately lead to decreased sales, reduced trust and a tarnished reputation. Here are a few simple steps any small business owner can take to help protect against a breach:

Protect Computers and Mobile Devices

Install and regularly update antivirus and antispyware software on computers and devices used in your business. Research shows that more than nine out of 10 small businesses believe they are safe from malware and viruses according to Solutions for Small Businesses. However, with 52 percent of data hacks occurring through network intrusion according to a 2013 Data Breach Investigations Report, it is crucial to not only take the first step of installing precautionary software, but regularly maintaining it. In fact, in the Cyber Security Strategies for the Small Business Market Report, 53 percent of businesses check their computers on a weekly basis to ensure that antivirus, antispyware, firewalls and operating systems are up-to-date, and 11 percent never check them at all.

Secure Physical and Digital Environments

Business owners need to understand how physical and digital environments are interconnected. Security breaches, whether physical or digital, typically boil down to one thing—access. Thus, securing the premises of any establishment is a critical first line of defense in protecting Point-of-Sale systems, computers and hard drives that live within the walls of the business. The next layer of defense is to protect data on devices using appropriate encryption and data security software, and similarly protect mobile devices, such as tablets and smartphones, that are even more vulnerable to be lost or stolen.

Establish Data Security Guidelines

Small business owners should create data policies and provide adequate training to ensure employees are equipped to handle sensitive and personally identifiable information (PII). The National Cyber Security Alliance found that only 28 percent of U.S. small businesses have formal internet security policies, leaving the remainder at risk. Business owners should start by assessing how they collect, process and store data, along with identifying the individuals in their company who have access to various levels of information. This exercise will help in identifying risks and establishing policies and training unique to the business.

It is a new era in the world of cyber security and as a small business owner, vigilance is critical in protecting consumer and company information. Act now before a risk becomes a reality.

Luis Orbegoso is President of ADT Small Business, where he leads company’s strategy in providing innovative and streamlined security and automation solutions for small business owners.

spend lots of money promoting themselves on social media, so free mentions by employees on Facebook, Twitter and other networks are a good thing, right? Maybe not. Such postings, even when well-intentioned, can pose security and other risks for your firm. Here are some things that can go wrong, and some tips on setting your policy.

Many businesses grant subcontractors client access into their systems for all types of reasons, from file sharing to accounts payable functions. If systems aren't locked down, a small company can be opening itself to major security concerns.

For more effective data security, experts often recommend the implementation of a security policy so employees, clients and subcontractors can understand their roles and responsibilities. Unfortunately, the reality is that a security policy tends to be one more boilerplate document that doesn't get read, much less followed.